Re: [Samba] security = share is deprecated? (a simple question for a newbie)
2010/12/26 François Patte francois.pa...@mi.parisdescartes.fr: As far as I understand from Chris blog, map to guest = bad user is to be used because the mode security=share is now deprecated. In my version of samba-swat (samba-swat-3.2.15-0.36) this security share mode is still there. Do I have to change the configuration? Thanks. Although security = share is not explicitly marked as deprecated in SWAT (or loadparm.c), this is same security mode as Windows 9x and will be deprecated sooner or later. At least smb signing is not supported with share level security, because of the specification of SMB. [Samba] reply_nt1: smb signing is incompatible with share level security ! http://lists.samba.org/archive/samba/2008-June/141368.html And even if there will be a severe bug, that will not be fixed or fixed but not rapidly. BUG#1254 write list not working under share-level security https://bugzilla.samba.org/show_bug.cgi?id=1254 For example, BUG#1254 was first found at Samba 3.0.3, reported several times and was fixed at Samba 3.2.6 at last. Anyway, if you like to use security = share, you have to write it explicitly in global section of your smb.conf. --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] security = SHARE
I also encounter this problem that the user security mode work fine, but on share security level, it always return NT_STATUS_WRONG_PASSWORD. Is SHARE on samba 3.4 deprecated ? Can anybody give some advice? Thanks. -- View this message in context: http://old.nabble.com/security-%3D-SHARE-tp29102498p29114421.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] security = SHARE
I also encounter this problem that the user security mode work fine, but on share security level, it always return NT_STATUS_WRONG_PASSWORD. Is SHARE on samba 3.4 deprecated ? Can anybody give some advice? user = share is like Windoze95/98 type file share. Thanks. -- View this message in context: http://old.nabble.com/security-%3D-SHARE-tp29102498p29114421.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] security = SHARE
On 07/12/2010 07:47 AM, t...@tms3.com wrote: I also encounter this problem that the user security mode work fine, but on share security level, it always return NT_STATUS_WRONG_PASSWORD. Is SHARE on samba 3.4 deprecated ? Can anybody give some advice? user = share is like Windoze95/98 type file share. Shares mode security has been deprecated. Also, the LanMan password required for use with Windows 9x is no longer stored in smbpasswd or in the tdbsam/ldapsam backends. - John T. Thanks. -- View this message in context: http://old.nabble.com/security-%3D-SHARE-tp29102498p29114421.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] security = SHARE
Hello, Please, i need help with security mode = share. i want to configure security = share and the parameter username = user in a shared folder to avoid that everybody could access to it. f I have understood correctly the manual, this configuration enables to access if the password provided matches with the user`password. But when i try to access returns this error: smbclient //SERVER/Docs Enter user's password: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD I also tried: smbclient -U user%passwd //SERVER/Docs Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD smbclient -U user%passwd //SERVER/Docs -P Failed to open /var/lib/samba/secrets.tdb ERROR: Unable to open secrets database sudo smbclient -U user%passwd //SERVER/Docs -P ERROR: Unable to fetch machine password for SERVER$@ in domain WORKGROUP If i change passdb backend = smbpasswd in GLOBAL options: smbclient -U user%passwd //SERVER/Docs -P -e -A /etc/samba/smbpasswd ERROR: Unable to open credentials file! sudo smbclient -U user%passwd //SERVER/Docs -P -e -A /etc/samba/smbpasswd ERROR: Unable to fetch machine password for SERVER$@ in domain WORKGROUP My system: Linux user-laptop 2.6.32-23-generic #37-Ubuntu SMP x86_64 GNU/Linux My config: testparm Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] smb: \ quit u...@user-laptop:~$ testparm Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section [printers] Processing section [print$] Processing section [Docs] Processing section [printers] Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] netbios name = SERVER server string = %h server (Samba, Ubuntu) map to guest = Bad User client lanman auth = Yes security = SHARE obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d [printers] comment = All Printers path = /var/spool/samba create mask = 0700 printable = Yes browseable = No browsable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers [Docs] comment = Documents path = /home/user/Documentos/Docs read only = No username = user smbtree WORKGROUP \\SERVER server (Samba, Ubuntu) \\SERVER\IPC$ IPC Service (server (Samba, Ubuntu)) \\SERVER\Docs Documents \\SERVER\print$ Printer Drivers sudo pdbedit -Lw nobody:65534:::[U ]:LCT-: user:1000::CC63D87C86C99FF2FB25B31C84CF584A:[U ]:LCT-4C23B25F: smbguest:1001:::[U ]:LCT-: Thanks in advance for your time Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] security = SHARE
On Thu, 2010-07-08 at 02:44 +0200, José Puente wrote: Hello, Please, i need help with security mode = share. i want to configure security = share and the parameter username = user in a shared folder to avoid that everybody could access to it. f I have understood correctly the manual, this configuration enables to access if the password provided matches with the user`password. But when i try to access returns this error: smbclient //SERVER/Docs Enter user's password: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD I also tried: smbclient -U user%passwd //SERVER/Docs Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD smbclient -U user%passwd //SERVER/Docs -P Failed to open /var/lib/samba/secrets.tdb ERROR: Unable to open secrets database sudo smbclient -U user%passwd //SERVER/Docs -P ERROR: Unable to fetch machine password for SERVER$@ in domain WORKGROUP If i change passdb backend = smbpasswd in GLOBAL options: smbclient -U user%passwd //SERVER/Docs -P -e -A /etc/samba/smbpasswd ERROR: Unable to open credentials file! sudo smbclient -U user%passwd //SERVER/Docs -P -e -A /etc/samba/smbpasswd ERROR: Unable to fetch machine password for SERVER$@ in domain WORKGROUP My system: Linux user-laptop 2.6.32-23-generic #37-Ubuntu SMP x86_64 GNU/Linux My config: testparm Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] smb: \ quit u...@user-laptop:~$ testparm Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section [printers] Processing section [print$] Processing section [Docs] Processing section [printers] Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] netbios name = SERVER server string = %h server (Samba, Ubuntu) map to guest = Bad User client lanman auth = Yes security = SHARE obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d [printers] comment = All Printers path = /var/spool/samba create mask = 0700 printable = Yes browseable = No browsable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers [Docs] comment = Documents path = /home/user/Documentos/Docs read only = No username = user smbtree WORKGROUP \\SERVER server (Samba, Ubuntu) \\SERVER\IPC$ IPC Service (server (Samba, Ubuntu)) \\SERVER\Docs Documents \\SERVER\print$ Printer Drivers sudo pdbedit -Lw nobody:65534:::[U ]:LCT-: user:1000::CC63D87C86C99FF2FB25B31C84CF584A:[U ]:LCT-4C23B25F: smbguest:1001:::[U ]:LCT-: security = SHARE is like Windows 98 type share and there is no user considered at all, only a password. If you type 'testparm -sv' you will see all the settings and not those specifically configured in smb.conf and the default is tdb which is probably more than adequate for your purposes. Does /var/lib/samba/secrets.tdb exist? What is the permissions? If you set 'security = USER' and you seem to already have a samba user called 'user' (from pdbedit output) and some password created, if you have a posix user called 'user' and this 'user' has the ability to access /home/user/Documentos/Docs it should probably work. The Samba 'How-To' is extremely useful and you should refer to it. This is a link to the various 'security modes'... http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ServerType.html Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] security = share
Hello, Please, i need help with security mode = share. i want to configure security = share and the parameter username = user in a shared folder to avoid that everybody could access to it. f I have understood correctly the manual, this configuration enables to access if the password provided matches with the user`password. But when i try to access returns this error: smbclient //SERVER/Docs Enter user's password: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD I also tried: smbclient -U user%passwd //SERVER/Docs Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD smbclient -U user%passwd //SERVER/Docs -P Failed to open /var/lib/samba/secrets.tdb ERROR: Unable to open secrets database sudo smbclient -U user%passwd //SERVER/Docs -P ERROR: Unable to fetch machine password for SERVER$@ in domain WORKGROUP If i change passdb backend = smbpasswd in GLOBAL options: smbclient -U user%passwd //SERVER/Docs -P -e -A /etc/samba/smbpasswd ERROR: Unable to open credentials file! sudo smbclient -U user%passwd //SERVER/Docs -P -e -A /etc/samba/smbpasswd ERROR: Unable to fetch machine password for SERVER$@ in domain WORKGROUP My config: testparm Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.7] smb: \ quit j...@jose-laptop:~$ testparm Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section [printers] Processing section [print$] Processing section [Docs] Processing section [printers] Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] netbios name = SERVER server string = %h server (Samba, Ubuntu) map to guest = Bad User client lanman auth = Yes security = SHARE obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d [printers] comment = All Printers path = /var/spool/samba create mask = 0700 printable = Yes browseable = No browsable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers [Docs] comment = Documents path = /home/user/Documentos/Docs read only = No username = user smbtree WORKGROUP \\SERVERserver (Samba, Ubuntu) \\SERVER\IPC$ IPC Service (server (Samba, Ubuntu)) \\SERVER\Docs Documents \\SERVER\print$ Printer Drivers sudo pdbedit -Lw nobody:65534:::[U ]:LCT-: user:1000::CC63D87C86C99FF2FB25B31C84CF584A:[U ]:LCT-4C23B25F: smbguest:1001:::[U ]:LCT-: Thanks in advance for your time Regards -- View this message in context: http://old.nabble.com/security-%3D-share-tp28986491p28986491.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] security = share
Le 29/03/2010 21:54, Jeremy Allison a écrit : On Mon, Mar 29, 2010 at 09:45:06PM +0200, Cassian Braconnier wrote: Hi, in Using Samba by G. Carter, J Ts and R. Eckstein, 3rd edition, on chapter 5, page 113, I ses that the security = share option is deprecated. It is said that there is a high chance that ... will be removed from Samba at some future time. I find that security = share is extremely useful for many small non critical networks. Is it still the case that this option is considered deprecated ? and if so what is supposed to replace it and to give the same functionality ?ier Well you can replace security = share with the correct map to guest options, so it really isn't useful in the way you think. Having said that we haven't (yet) removed it, and I just refactored the code that implements it, so it'll probably be around causing us trouble for a while yet :-). Jeremy. With security = share, the user, on a Windows client, has just to click on the computer icon and everything is there, available. As far as I can see (but maybe I am mistaken), with map to guest a dialog opens with identifier and password fields : something very troublesome for the average non professional user (potentially millions of users throughout the world). If so, from the point of view of non professional users, to remove security = share would be a considered a regression, it seems. Cassian Braconnier -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] security = share
Le 30/03/2010 12:09, Cassian Braconnnier a écrit : Le 29/03/2010 21:54, Jeremy Allison a écrit : On Mon, Mar 29, 2010 at 09:45:06PM +0200, Cassian Braconnier wrote: Hi, in Using Samba by G. Carter, J Ts and R. Eckstein, 3rd edition, on chapter 5, page 113, I ses that the security = share option is deprecated. It is said that there is a high chance that ... will be removed from Samba at some future time. I find that security = share is extremely useful for many small non critical networks. Is it still the case that this option is considered deprecated ? and if so what is supposed to replace it and to give the same functionality ?ier Well you can replace security = share with the correct map to guest options, so it really isn't useful in the way you think. Having said that we haven't (yet) removed it, and I just refactored the code that implements it, so it'll probably be around causing us trouble for a while yet :-). Jeremy. With security = share, the user, on a Windows client, has just to click on the computer icon and everything is there, available. As far as I can see (but maybe I am mistaken), with map to guest a dialog opens with identifier and password fields : something very troublesome for the average non professional user (potentially millions of users throughout the world). If so, from the point of view of non professional users, to remove security = share would be a considered a regression, it seems. Cassian Braconnier And of course second problem is that you have to have a guest account set up on your computer, I guess. security = share is so much simpler, please don't remove it ! Think of ordinary users... Cassian Braconnier -- Ce courriel a été émis à partir du système d'exploitation Linux - Préférez les logiciels libres et les formats ouverts. LINUX ? IL Y A MOINS BIEN, MAIS... C'EST PLUS CHER !! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] security = share
Hi, in Using Samba by G. Carter, J Ts and R. Eckstein, 3rd edition, on chapter 5, page 113, I ses that the security = share option is deprecated. It is said that there is a high chance that ... will be removed from Samba at some future time. I find that security = share is extremely useful for many small non critical networks. Is it still the case that this option is considered deprecated ? and if so what is supposed to replace it and to give the same functionality ? Thanks. C.B. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] security = share
On Mon, Mar 29, 2010 at 09:45:06PM +0200, Cassian Braconnier wrote: Hi, in Using Samba by G. Carter, J Ts and R. Eckstein, 3rd edition, on chapter 5, page 113, I ses that the security = share option is deprecated. It is said that there is a high chance that ... will be removed from Samba at some future time. I find that security = share is extremely useful for many small non critical networks. Is it still the case that this option is considered deprecated ? and if so what is supposed to replace it and to give the same functionality ? Well you can replace security = share with the correct map to guest options, so it really isn't useful in the way you think. Having said that we haven't (yet) removed it, and I just refactored the code that implements it, so it'll probably be around causing us trouble for a while yet :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Security = share changed in Samba 3+ ?
Hi, I have several servers in separate networks currently running samba 2.2.5. Each server can have aliases and I'm using the %L macro in share path, so that each appear as a separate 'virtual' server - depending on how the client calls it. There is at least one SMB users defined in 'smbpasswd' file. Here is the current config: [global] workgroup = MYGROUP netbios name = server1 netbios aliases = server2 server3 server4 server string = Linux SMB Server interfaces = eth1 bind interfaces only = yes encrypt passwords = Yes password level = 8 security = share username level = 8 username map = /etc/samba.d/smbusers max log size = 200 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No log file = /var/log/samba.d/smb.%m log level = 2 mangle case = yes preserve case = no short preserve case = no default case = lower oplocks = no level2 oplocks = no strict locking = yes stat cache = no load printers = no local master = no [myshare] comment = My Virtual Shares browseable = no writeable = yes path = /opt/myshare/vhosts/%L With this I can use 'smbclient' to connect to '//serverX/myshare' (where X is 1-4) using the same user (myuser) and I can just 'browse' the share. I need to upgrade all servers to a newer distro - OpenSuSE 11.1 that comes with Samba 3.2.7. Because there are some automated procedures running on clients I need to make sure Samba works pretty much the same as it does on the current production servers. I had to change some obvious options in 'smb.conf' - paths (OpenSuSE is using 'samba' instead 'samba.d'), 'mangle case' is no longer a valid option and I had to add 'client lanman auth = yes' option. However, that alone is not enough - whenever I use 'smblcient', I get an error: # smbclient //server1/myshare -U myuser Enter myuser's password: Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.2.7-11.2.1-2080-SUSE-CODE11] Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD I checked the obvious stuff - the username is OK, it exists in both /etc/passwd and /etc/samba/smbpasswd and the path for the share also exists. I then tried adding some options, but these didn't help: passdb backend = smbpasswd lanman auth = yes ntlm auth = yes smb encrypt = no client lanman auth = yes client plaintext auth = yes The log shows this: == smb.172.16.0.123 == [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [myuser] - [myuser] FAILED with error NT_STATUS_WRONG_PASSWORD [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [myuser] - [myuser] FAILED with error NT_STATUS_WRONG_PASSWORD [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [myuser] - [myuser] FAILED with error NT_STATUS_WRONG_PASSWORD [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [myuser] - [myuser] FAILED with error NT_STATUS_WRONG_PASSWORD [2009/06/17 12:19:37, 2] auth/auth.c:check_ntlm_password(318) Invalid username/password for [myshare] Did 'security = share' change from Samba 2 to Samba 3? What do I need to change to make Samba 3 behave like Samba 2 did - with 'security = share'? Thanks, Danilo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Security share and problem with unix groups login.
I've expirienced strange problem with unix group login in samba recently. This is unusuall because users given in username pramater in share can log into it, but if I add group of users that group cant log in to share. I'm using FreeBSD 6.2 Stable, samba version is 3.0.25.a. Sample smbd logs: [2007/08/21 16:49:39, 3, effective(0, 0), real(0, 0)] libsmb/ ntlm_check.c:ntlm_password_check(455) ntlm_password_check: LM password, NT MD4 password in LM field and LMv2 failed for user xxx [2007/08/21 16:49:39, 3, effective(0, 0), real(0, 0)] smbd/ sec_ctx.c:push_sec_ctx(208) Cheers. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] security = share
[global] workgroup = SCL netbios name = ODIN security = share log level = 2 interfaces = eth* bind interfaces only = yes socket options = IPTOS_LOWDELAY TCP_NODELAY [images] comment = ODIN path = /odin/images browseable = yes writeable = yes read only = no public = yes [IPC$] path = /tmp I seem to missing something. If I try to connect to the images share it is not authenticating the user specified. Here is what shows up in the /var/log/samba/log.smb [2006/06/01 08:39:23, 2] auth/auth.c:check_ntlm_password(317) check_ntlm_password: Authentication for user [images] - [images] FAILED with error NT_STATUS_NO_SUCH_USER [2006/06/01 08:39:23, 1] smbd/service.c:make_connection_snum(700) 155.97.16.161 (155.97.16.161) connect to service images initially as user nobody (uid=65534, gid=65533) (pid 11752) It is not prompting for a password, what am I missing? -- Jas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] security = share
[images] public = yes It is not prompting for a password, what am I missing? public=yes means anyone can connect to the share. You will notice from your logs that the user authentication fails, and here you would normally get an error message - but because of public=yes, Samba just lets you connect as the user 'nobody'. Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] security=share, who needs it ?
Hi list, the security=share setting does not behave as many admins expect. Access to all shares are mapped to the guest account and if the underlying unix permissions don't permit that access you get errors and the access doesn't work as expected. Also is security=share a global parameter. This given, there is no distinction between guest and authenticated access per share possible yet. Further you can archieve the security=share setting behavior with setting -smb.conf [global] security = user # thats the default of current releases map to guest = bad user username map = /etc/samba/smbusers smbusers- foo = * What reasons prevent removing 'security=share' ? -- Carsten Schaub [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] security=share, write / read-only mix doesn't work on Samba3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | Well, unfortunately, my users don't have the inclination | to migrate from Win9x (which is what security=share was | patterned after, right?) so they don't have an option to | supply a separate username when logging into a share. So, | with security=user, they are required to login to their | PCs as a different user to access shares with users | that don't exactly match their login username. Is this feature | just not supported anymore in Samba3? If you want user based access, then you'll have to ask your user's to authenticate. If you just want guest access, then use map to guest = bad user security = user cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB/ObiIR7qMdg1EfYRAoQnAJ9B1VxgZw1PzQmY/GUFmDwGXznFfgCgjYch SndHPY9vcxeaQt67edi+qJ8= =Y1k2 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] security=share, write / read-only mix doesn't work on Samba3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Carlos Knowlton wrote: | I'm having trouble migrating from Samba2 to Samba3. I'm | trying to make a share that allows some users | read-only access, and others read-write. In version 2.2 | this worked, but not in version 3. | | I'm pretty sure it's my configuration, but I ran into | this link on the samba bugzilla site, and now I don't know. | | https://bugzilla.samba.org/show_bug.cgi?id=1844 I've always thought this an odd configuration...expecting user level access control with a security level that has no concept of users. My recommendation is to migrate to security = user. I'm not really inclined to re-instantiate the previous behavior. It's too confusing IMO (both to explain and to maintain). cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB+53eIR7qMdg1EfYRAv41AKCQSlw71r6TQaCqnPPmqXEdy2c4SwCg3zJq 2nb7Ifz2ZzI9BvGVwsqV6vM= =SN0x -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] security=share, write / read-only mix doesn't work on Samba3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Carlos Knowlton wrote: | I'm having trouble migrating from Samba2 to Samba3. I'm | trying to make a share that allows some users | read-only access, and others read-write. In version 2.2 | this worked, but not in version 3. | | I'm pretty sure it's my configuration, but I ran into | this link on the samba bugzilla site, and now I don't know. | | https://bugzilla.samba.org/show_bug.cgi?id=1844 I've always thought this an odd configuration...expecting user level access control with a security level that has no concept of users. My recommendation is to migrate to security = user. I'm not really inclined to re-instantiate the previous behavior. It's too confusing IMO (both to explain and to maintain). Well, unfortunately, my users don't have the inclination to migrate from Win9x (which is what security=share was patterned after, right?) so they don't have an option to supply a separate username when logging into a share. So, with security=user, they are required to login to their PCs as a different user to access shares with users that don't exactly match their login username. Is this feature just not supported anymore in Samba3? Thanks for the suggestion. -Carlos -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] security=share, write / read-only mix doesn't work on Samba3
Hi, I'm having trouble migrating from Samba2 to Samba3. I'm trying to make a share that allows some users read-only access, and others read-write. In version 2.2 this worked, but not in version 3. I'm pretty sure it's my configuration, but I ran into this link on the samba bugzilla site, and now I don't know. https://bugzilla.samba.org/show_bug.cgi?id=1844 Can anyone point me in the right direction? Here's my smb.conf file: -- [global] read raw = yes guest account = nobody socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=16384 SO_RCVBUF=16384 wins server = 192.168.1.1 null passwords = yes map to guest = bad user encrypt passwords = yes level2 oplocks = yes lock directory = /var/lock/subsys netbios name = myserver write cache size = 16384 server string = myserver min passwd length = 0 unix password sync = yes workgroup = mygroup os level = 20 force user = all comment = My Server security = user getwd cache = yes dont descend = /proc,/dev,/etc,/usr max log size = 2000 log level = 1 [share] comment = My Share read list = @CommonUsers user = @CommonUsers,@Administrators write list = @Administrators path = /home/users -- Thanks! Carlos Knowlton -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] security=share challenges
Hi, How can I set the restrictions on my shares if I want to make them read only or permit to write on it only to some users if I use security = share option. (Samba 3). I have to use security=share due to different cases. thanks., Sandor -- ...Fehr Sndor...---Sandor Feher fejlesztsi vezet --- development manager Blue System Kft. --- Blue System Ltd. mailto:[EMAIL PROTECTED] http://www.bluesystem.hu -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba